6011 matches found
Updated freerdp packages fix security vulnerabilities
FreeRDP could crash due to a NULL or invalid pointer CVE-2013-4118, CVE-2013-4119...
Updated wget packages fix security vulnerability
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource CVE-2016-4971. Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only CVE-2016-7098...
Updated autotrace packages fix security vulnerability
autotrace failed to allocate sufficient memory to store the terminating NULL pointer in an array, causing an out of bounds write. CVE-2016-7392...
Updated pdns packages fix security vulnerability
PowerDNS Authoritative Server accepts queries with a qname's length larger than 255 bytes CVE-2016-5426. PowerDNS Authoritative Server does not properly handle dot inside labels CVE-2016-5427. These issues allow a remote, unauthenticated attacker to cause an abnormal load on the PowerDNS backend ...
Updated zookeeper packages fix security vulnerability
Lyon Yang discovered that the C client shells clist and climt of Apache Zookeeper were affected by a buffer overflow vulnerability associated with parsing of the input command when using the "cmd:" batch mode syntax. If the command string exceeds 1024 characters a buffer overflow will occur...
Updated thunderbird packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2016-2836...
Updated graphicsmagick packages fix security vulnerability
A possible heap overflow of the EscapeParenthesis function CVE-2016-7447. The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU CVE-2016-7448. The TIFF reader had a bug...
Updated firefox/rootcerts/nss packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-5257, CVE-2016-5278, CVE-2016-5270, CVE-2016-5272,...
Updated gnutls packages fix security vulnerability
An issue was found in certificate validation using OCSP responses caused by not verifying the serial length, which can falsely report a certificate as valid CVE-2016-7444...
Applications using libtorrent-rasterbar are vulnerable to denial of service
Applications using libtorrent-rasterbar are vulnerable to denial of service. An attacker-controlled torrent tracker can crash victim torrent clients by sending malformed GZIP responses CVE-2016-7164...
Updated gdk-pixbuf2.0 packages fix security vulnerability
A write out-of-bounds parsing an ico file was found in gdk-pixbuf. A maliciously crafted file can cause the application to crash CVE-2016-6352. The gdk-pixbuf2.0 package has been updated to version 2.32.3 and patched to fix this issue, and a few other possible security issues...
Updated php packages fix security vulnerabilities
Memory Corruption in During Deserialized-object Destruction CVE-2016-7411. Heap overflow in mysqlnd related to BIT fields CVE-2016-7412. wddxdeserialize use-after-free CVE-2016-7413. Out of bound when verify signature of zip phar in pharparsezipfile CVE-2016-7414. Missing locale length check in...
Updated wireshark packages fix security vulnerabilities
The wireshark package has been updated to version 2.0.6, which fixes several security issues where a malformed packet trace could cause it to crash, and fixes several other bugs as well. See the release notes for details...
Updated libarchive packages fix security vulnerability
The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...
Updated golang package fixes security vulnerability
Updated golang packages fix security vulnerability: Go: sets environmental variable based on user supplied Proxy request header CVE-2016-5386...
Updated tomcat packages fix security vulnerability
Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP...
Updated curl packages fix security vulnerability
The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked and due to arithmetic in...
Updated libksba packages fix security vulnerability
It was found that an unproportionate amount of memory is allocated when parsing crafted certificates in libskba, which may lead to DoS. Moreover in libksba 1.3.4, allocated memory is uninitialized and could potentially contain sensitive data left in freed memory block...
Updated slock packages fix security vulnerability
The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...
Updated jsch packages fix security vulnerability
It was discovered that there was a path traversal vulnerability in jsch CVE-2016-5725...
Updated icu packages fix security vulnerability
Buffer overflow ICU in the ulocacceptLanguageFromHTTP function CVE-2016-6293...
Updated chromium-browser-stable packages fix security vulnerability
Blink, as used in Chromium before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS UXSS." CVE-2016-5147 Cross-site scripting XSS...
Updated nodejs packages fix security vulnerability
Under certain conditions, V8 may improperly expand memory allocations in the Zone::New function. This could potentially be used to cause a Denial of Service via buffer overflow or as a trigger for a remote code execution CVE-2016-1669. The primary npm registry has used HTTP bearer tokens to...
Updated file-roller packages fix security vulnerability
It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory...
Updated flash-player-plugin packages fix security vulnerability
Adobe Flash Player 11.2.202.635 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves an integer overflow vulnerability that could lead to code execution CVE-2016-4287. Th...
Updated jasper packages fix security vulnerability
A double-free issue in JasPer 1.900.1 in the jasperimagestopload function can cause a denial of service if a specially crafted JPEG image is loaded CVE-2015-5203. A use-after-free which leads to double-free vulnerability was found in Jasper JPEG-2000 library, in src/libjasper/mif/mifcod.c file...
Updated mediawiki packages fix security vulnerability
Check read permission when loading page content in ApiParse CVE-2016-6331 Make blocks log users out if $wgBlockDisablesLogin is true CVE-2016-6332 Make $wgBlockDisablesLogin also restrict logged in permissions CVE-2016-6332 Require login to preview user CSS pages CVE-2016-6333 Escape '' in inline...
Updated perl-DBD-mysql packages fix security vulnerability
Two use-after-free vulnerabilities were discovered in DBD::mysql. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql application crash, or potentially to execute arbitrary code with the privileges of the user running the...
Updated lcms2 packages fix security vulnerability
An out-of-bounds read in cmstypes.c in TypeMLURead function was found, leading to heap memory leak triggered by crafted ICC profile rhbz1367357...
Updated dropbear packages fix security vulnerability
Message printout was vulnerable to format string injection. If specific usernames including "%" symbols can be created on a system validated by getpwnam then an attacker could run arbitrary code as root when connecting to Dropbear server. Also, a dbclient user who can control username or host...
Updated cracklib packages fix security vulnerability
It was discovered that there was a stack-based buffer overflow when parsing large GECOS fields in cracklib CVE-2016-6318...
Updated openvpn packages fix security vulnerability
Ciphers with 64-bit block sizes used in CBC mode were found to be vulnerable to birthday attack when key renegotiation doesn't happen frequently or at all in long running connections. Blowfish cipher as used in OpenVPN by default is vulnerable to this attack, that allows remote attacker to recove...
Updated krb5 packages fix security vulnerability
The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service NULL pointer dereference a...
Updated perl-XSLoader packages fix security vulnerability
An arbitrary code execution can be achieved if loading code from untrusted current working directory despite the '.' is removed from @INC. Vulnerability is in XSLoader that uses caller information to locate .so file to load. If malicious attacker creates directory named eval 1 with malicious bina...
Updated eog packages fix security vulnerability
An out-of-bounds write vulnerability in eog was found when processing specially crafted SVG file. Due to passing the error message containing invalid UTF-8 character to GMarkup, out-of-bounds access is triggered CVE-2016-6855...
Updated python3/python packages fix security vulnerability
Fix for CVE-2016-1000110 HTTPoxy attack. Many software projects and vendors have implemented support for the “Proxy” request header in their respective CGI implementations and languages by creating the “HTTPPROXY” environmental variable based on the header value. When this variable is used in man...
Updated webkit2 packages fix security vulnerability
The webkit2 package has been updated to version 2.12.4, fixing several security issues and other bugs...
Updated redis packages fix security vulnerability
It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...
Updated ctdb packages fix security vulnerability
The kernel fix for CVE-2015-8543 uncovered a bug in ctdb, leading to broken clusters. The ctdb package has been patched to fix this issue...
Updated mupdf packages fix security vulnerability
A flaw was discovered in the pdfloadmeshparams function allowing out-of-bounds write access to memory locations. With carefully crafted input, that could trigger a heap overflow, resulting in application crash or possibly having other unspecified impact CVE-2016-6525. Also, mupdf already containe...
Updated fontconfig packages fix security vulnerability
Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free calls, which in turn allows double free attacks and therefore arbitrary code execution. In combination with setuid binaries using...
Updated phpmyadmin packages fix security vulnerability
In phpMyAdmin before 4.4.15.8, the decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Also, the same initialization vector IV is used to hash the username and...
Updated openssh packages fix security vulnerability
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Updated python-django packages fix security vulnerability
It was discovered that Django is prone to a cross-site scripting vulnerability in the admin's add/change related popup CVE-2016-6186...
Updated kernel-tmb packages fix security vulnerabilities
This update is based on the upstream 4.4.16 kernel and fixes at least theese security issues: nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c. CVE-2016-1237. The...
Updated bsdiff packages fix security vulnerability
Integer signedness error in bspatch.c in bspatch in bsdiff allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file CVE-2014-9862...
Updated nettle/nettle2.7 packages fix security vulnerability
The cryptographic library nettle had a potential information leak problem reported. RSA code is vulnerable to cache sharing related attacks CVE-2016-6489...
Updated gnupg/libgcrypt packages fix security vulnerability
Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output CVE-2016-6313. The gnupg package has been...
Updated php packages fix security vulnerability
The php package has been updated to version 5.6.25, which fixes several security issues and other bugs. See the upstream ChangeLog for more details...
Updated curl packages fix security vulnerability
libcurl before 7.50.1 would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous...